Resubmissions

11-08-2022 15:33

220811-szns3sbcb4 10

25-07-2022 16:57

220725-vglxwafbh5 5

General

  • Target

    48f9471c20316b295704e6f8feb2196dd619799edec5835734fc24051f45c5b7

  • Size

    78KB

  • Sample

    220811-szns3sbcb4

  • MD5

    204728fb1878b9f4f83c110e7cf6b5b5

  • SHA1

    cce00f83b70839ea9d42f2fe4ec773e6014ef00f

  • SHA256

    48f9471c20316b295704e6f8feb2196dd619799edec5835734fc24051f45c5b7

  • SHA512

    43df37b151c0ec7fa6f0f0ca185eb7666f256895b9fab0b62fc1f8666a0ad440c6f96569c3fa62b986eff03f980190cd5b484567f7f9b3f16e5cda348a74316c

Targets

    • Lightning Framework

      Linux modular framework with the ability to install rootkits, first seen in July 2022.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.
